|
On Apr 28, 2020, at 10:57 AM, Justin Taylor <JUSTIN@xxxxxxxxxxxxx> wrote:
I'm not sure why you'd want/need to export your cert for clients to access your HTTPS site. I've never needed to export my Apache cert, and I've never had to install a cert in my browser to access my (or any other) HTTPS site.
-----Original Message-----
From: Jay Vaughn [mailto:jeffersonvaughn@xxxxxxxxx]
Sent: Tuesday, April 28, 2020 9:23 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Apache http ssl certificate - export
Brand new to the administration end of things... but doing well so far I believe in setting up ssl with certificates on the server.
Objective: create ssl http server, create certificate, export off iSeries to any off platform calls into the server via http.
so far...
1.) used DCM to create *system cert store
2.) used DCM to create local CA
3.) used DCM to create certificate
- have attempted to use DCM methods to export the file off the i.
From copy/paste of the certificate info along with the export buttonfeature to move the certificate to the IFS as a .pfx file.
4.) created http server, using the ssl config wizard for ssl.
I am using postman now to test my api call. using the certificate info i "exported" of the i.
(btw the api call from postman works fine when using regular http
(user/pass) auth... so no problems with the entire process of consuming the api off platform - i'm just stuck now implementing this ssl security)
Through many trial and errors, and many different responses I feel I am
closest at this point... I am getting a...
403 Forbidden
You don't have permission to access this resource.
I can provide error log info as well as other diagnostics from postman if needed.
I feel my issue is how I'm exporting and extracting the certificate info to my pc. I seem to be missing a public key. I only have a CRT and PFX file to provide to postman... i'm missing the KEY file.
any help would be greatly appreciated!
Jay
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.
Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.